#143 [RFE] Add support for enabling/disabling DNSSEC validation
Opened 9 years ago by mbasti. Modified 7 years ago

Enhancement proposal

Improve the bind-dyndb-ldap plugin to be able to disable or enable DNSSEC validation, based on a value in LDAP.

Use case

We are able to enable/disable DNSSEC validation only by modifying /etc/named.conf, which affects only that particular server.

However, to have correct validation, we need to have properly configured forwarders. If a user adds a global forwarder using ipa dnsconfig-mod --forwarder=a.b.c.d which doesn't support DNSSEC, it will break DNSSEC validation.

Currently we have no way to disable/enable DNSSEC validation on all IPA replicas if a user specifies a non-DNSSEC-configured forwarder, or if a user just wants to disable it.

Proposed implementation

New LDAP attribute:

  • entry: cn=dns,dc=example,dc=com
  • name: idnssecvalidation
  • type: boolean
  • default value: true
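To make the proposal concrete, here is an added example (not code from the ticket or from the bind-dyndb-ldap project) of how a plugin could map the proposed idnssecvalidation attribute on cn=dns to BIND's dnssec-validation option. It assumes the attribute uses the standard LDAP Boolean syntax (the literals TRUE/FALSE from RFC 4517), treats a missing attribute as the proposed default of true, and rejects any other value rather than silently turning validation off. The sample entry, including its idnsforwarders value, is constructed for the example; the function names are hypothetical.

```python
"""Map the proposed idnssecvalidation LDAP attribute to BIND's dnssec-validation option."""
from typing import Mapping, Sequence

# LDAP Boolean syntax (RFC 4517) uses exactly the literals TRUE and FALSE.
_LDAP_BOOL = {"TRUE": True, "FALSE": False}

# Constructed sample entry: what a search of cn=dns,dc=example,dc=com
# might return once the proposed attribute exists. The forwarder is an
# RFC 5737 documentation address, not a real server.
SAMPLE_DNS_ENTRY = {
    "cn": ["dns"],
    "idnsforwarders": ["192.0.2.53"],
    "idnssecvalidation": ["FALSE"],
}


def dnssec_validation_enabled(entry: Mapping[str, Sequence[str]]) -> bool:
    """Return the effective validation state for a cn=dns entry.

    A missing attribute means the proposed default (true). A value that is
    not an RFC 4517 boolean literal raises instead of being coerced, so a
    typo in LDAP can never disable validation across all replicas.
    """
    values = entry.get("idnssecvalidation", [])
    if not values:
        return True  # attribute absent: proposed default value is true
    if len(values) > 1:
        raise ValueError("idnssecvalidation must be single-valued")
    raw = values[0].strip().upper()
    if raw not in _LDAP_BOOL:
        raise ValueError(
            f"invalid LDAP boolean for idnssecvalidation: {values[0]!r}"
        )
    return _LDAP_BOOL[raw]


def render_named_options(entry: Mapping[str, Sequence[str]]) -> str:
    """Render the options{} fragment the plugin would need to apply.

    Only the two settings discussed in the ticket are emitted: the
    validation switch and the global forwarders (if any). Whether a
    forwarder itself supports DNSSEC is not checked here; that is the
    failure mode the ticket describes.
    """
    enabled = dnssec_validation_enabled(entry)
    lines = ["options {"]
    lines.append(f"    dnssec-validation {'yes' if enabled else 'no'};")
    forwarders = entry.get("idnsforwarders", [])
    if forwarders:
        lines.append(
            "    forwarders { " + " ".join(f"{f};" for f in forwarders) + " };"
        )
    lines.append("};")
    return "\n".join(lines)


if __name__ == "__main__":
    print(render_named_options(SAMPLE_DNS_ENTRY))
```

Running the module prints an options block with dnssec-validation no; for the sample entry; an entry without the attribute renders dnssec-validation yes;, which is the proposed default.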

Results of planning meeting held on 2014-11-04.

These tickets are not directly related to upcoming FreeIPA 4.4 features.

Look at this again when we are done with the rest of Fedora 24. Close if it is too hard.

Moving tickets as triaged on 2016-02-11 with mkosek.

Metadata Update from @pspacek:
- Issue assigned to someone
- Issue set to the milestone: The Backlog

7 years ago
